VYPR

rpm package

almalinux/libpng

pkg:rpm/almalinux/libpng

Vulnerabilities (8)

  • CVE-2026-33636HigMar 26, 2026
    affected < 2:1.6.40-8.el10_1.3fixed 2:1.6.40-8.el10_1.3

    LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.6.36 through 1.6.55, an out-of-bounds read and write exists in libpng's ARM/AArch64 Neon-optimized palette expansion path. Whe

  • CVE-2026-33416HigMar 26, 2026
    affected < 2:1.6.37-12.el9_7.4fixed 2:1.6.37-12.el9_7.4

    LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.2.1 through 1.6.55, `png_set_tRNS` and `png_set_PLTE` each alias a heap-allocated buffer between `png_struct` and `png_info`,

  • CVE-2026-25646Feb 10, 2026
    affected < 2:1.6.37-12.el9_7.2fixed 2:1.6.37-12.el9_7.2

    LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize() API function. When the function is called with no hist

  • CVE-2026-22801Jan 12, 2026
    affected < 2:1.6.37-12.el9_7.2fixed 2:1.6.37-12.el9_7.2

    LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.6.26 to 1.6.53, there is an integer truncation in the libpng simplified write API functions png_write_image_16bit and png_write_image

  • CVE-2026-22695Jan 12, 2026
    affected < 2:1.6.37-12.el9_7.2fixed 2:1.6.37-12.el9_7.2

    LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.6.51 to 1.6.53, there is a heap buffer over-read in the libpng simplified API function png_image_finish_read when processing interlac

  • CVE-2025-66293Dec 3, 2025
    affected < 2:1.6.40-8.el10_1.1fixed 2:1.6.40-8.el10_1.1

    LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512

  • CVE-2025-65018Nov 24, 2025
    affected < 2:1.6.40-8.el10_1.1fixed 2:1.6.40-8.el10_1.1

    LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, there is a heap buffer overflow vulnerability in the libpng simplified API function png_image_finish_re

  • CVE-2025-64720Nov 24, 2025
    affected < 2:1.6.40-8.el10_1.1fixed 2:1.6.40-8.el10_1.1

    LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, an out-of-bounds read vulnerability exists in png_image_read_composite when processing palette images w